Notable Non-Western Cryptosystems that have been widely deployed?

Question

I was recently watching Sneakers (which Len Adleman advised on their "cryptography" sub-plot), which included a line along the lines of:

[Some hardware that ostensibly breaks American cryptography] doesn't work against Russian codes.

The speech that Adleman advised on seems vaguely like a description of a more powerful Number Field Sieve [1], so this would be consistent with Russia having standardized something like McEliece. Of course, I doubt they have done this, but in thinking about this I realized I have no clue what they have standardized, and therefore no clue if this was a plot hole, or excellent writing.

This leads to the broader question: Are there cryptosystems that have not been widely adopted in the West, that have been standardized by other major countries?

I'll include a handful of examples that I am aware of:

• The Lattice-based KEM LAC was recently chosen in China's variant of the NIST PQC competition.
• There are the Russian block ciphers GOST, and on Kuznyechik.

In this question I am mostly interested in historical example though (so of the above, mostly interested in GOST). Are there other well-known examples? I would especially be interested in asymmetric schemes, given the motivation to better understand Sneakers.

---

[1] Funnily enough, this came out ~ 1 year before the general number field sieve was published, but Adleman was not on that paper.

Answer 1

Are there cryptosystems that have not been widely adopted in the West, that have been standardized by other major countries?

Camellia is a block cipher similar in performance and security to AES. It was standardized by Japan's CRYPTREC and although various Western countries have standardized implementations of it, it is quite uncommonly used in the West. In 2014, Firefox disabled support for it in TLS.

Answer 2

Chinese Standards:

Identity Based Encryption:

SM9 is a Chinese national cryptography standard for Identity Based Cryptography issued by the Chinese State Cryptographic Authority in March 2016

^{A revision of this answer said it included asymmetric encryption, digital signature, key encapsulation and key wrapping algorithms. This is off from fact in 2 ways: 1. SM9 is solely concerned with Identity-Based Cryptography, general-purpose PKC is the concern of SM2. 2. SM2 only has asymmetric encryption, digital signature, and key exchange (MQV-like). I'm not sure why it said key wrapping, but since people generally associate it with deterministic authenticated symmetric encryption, I think it should not be listed.}

See the eprint paper here

Block Cipher:

SM4 (formerly SMS4) is a block cipher used in the Chinese National Standard for Wireless LAN WAPI (Wired Authentication and Privacy Infrastructure).

The SM4 algorithm was declassified in January, 2006, and it became a national standard (GB/T 32907-2016) in August 2016. See the internet draft here

Russian Standards:

I have seen no evidence (it doesn't mean there is none) that any public key schemes were standardised in Russia prior to 2001.

However, there is the following digital signature standard using Elliptic Curve cryptography:

GOST R 34.10–2012

GOST R 34.10-2012 describes the generation and verification processes for digital signatures, based on operations with an elliptic curve points group, defined over a prime finite field.

The necessity for developing this standard is caused by the need to implement digital signatures of varying resistance due to growth of computer technology. Digital signature security is based on the complexity of discrete logarithm calculation in an elliptic curve points group and also on the security of the hash function used (according to GOST R 34.11-2012 [GOST3411-2012]).

This document refers to an earlier standard GOST R 34.11-2001 which is also elliptic curve based.

Disclaimer: I haven't the time to check whether these are not simply local copies of ISO standards. ^{revision note: SM9 is adopted into ISO in fact, the reviewer wasn't sure about the Russian standards though}

Answer 3

China has a systematic development effort on cryptography and infosec products. We classify cryptographic algorithms as

1. 核心密码 - Core Cryptography
2. 普通密码 - Ordinary Cryptography
3. 商用密码 - Commercial Cryptography (pinyin: Shangyong Mima)

Commercial cryptography are standardized by SM series of standards.

The most widely used/known:

• SM4: block cipher standard - a design based on Feistel network, with 128-bit block and key; adopted by ISO in 2021.

• SM3: 256-bit Hash function - Merkle-Damgaard.

• SM2: Elliptic Curve Cryptography - Design based on Weierstrass Curve over prime order finite field (with binary field options, but so far no related parameter sets) whose parameter can be implemented using techniques similar to that used for P-256 - Functionally implementing public-key encryption, key exchange (MQV-style) and digital signature (ElGamel-like with custom validity equation)

• SM9, adopted by ISO in 2021, it's an identity-based cryptography standard.

• SM1 is a blockcipher algorithm intended for electronic access control tokens with only implementations in the form of integrated circuits.

• ZUC: a stream cipher, adopted by ISO in 2021. I'm unfamiliar with the technical detail with this one. It's the only cryptography standard in the series to not prefixed by SM because the name is a tribute to the mathematican and astronomer of ancient time: Zu Chongzhi (祖冲之), who computed $\pi$ to 7 significant digits, which at the time was a significance. (Cryptographers of classical and modern era would then use $\pi$ to generate cipher streams or choose nothing-up-my-sleeve magic numbers from)

FYI:

• These algorithms are original and not import of ISO-developed texts.
• SM4 and SM3 have hardware acceleration in 64-bit state of ARM CPU instruction set.
• SM2 encryption and key exchange incorporates both X and Y coordinates in ciphertext and shared key, unlike SEC#1 which just uses X coordinates.

There's a short intro to these algorithms at CSDN and full catalogue at government website ^{these pages' in Chinese, use translation tools of your preference.}